As part of the role, you will conduct penetration tests for the application and infrastructure estate, to ensure security parameters remain at the appropriate levels of protection and provide relevant penetration testing, SME security knowledge in all new and existing programmes across the estate.
Key Accountabilities:
*Responsibility for execution of NIST control framework requirements
*Understand the customer journeys mapping to infrastructure and applications
*Perform network penetration, web and mobile application testing, API testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
*Develop comprehensive and accurate reports and presentations for both technical and executive audiences
*Effectively communicate findings and strategy to technical and non-technical stakeholders
*Develop scripts, tools, or methodologies to enhance penetration testing and red teaming processes
*Maintain a testing lab and a library of tools and techniques
*Evaluate new products
*Work with the rest of the technical team and support the development of key cyber security strategies
*Help improve the tools, techniques and processes used for penetration testing
Candidates will ideally have,
*The ability to work in a constantly changing and fast past environment
*Good understanding of offensive / defensive techniques and awareness of any open source framework such as OWASP ESAPI.
*Comprehensive understanding of pen testing processes from beginning to end
*Technical experience with web application and infrastructure penetration testing
*Strong problem-solving skills
If you would like to find out more, then please send across an updated CV as soon as possible.
